Does any have a way to compare current running ACLs against a previously saved copy of the config? Quarterly we need to review the security and it would be nice to run a quick compare to evaluate what has changed since the last quarter and make sure these changes are reflected in our change log as outlined by our corporate security policy.
I'm considering adding access-list remarks to my config to help document it better. I've heard this could clutter the config but using a "show run |exclude remarks" could help when troublshooting.
Does anyone have any thoughts?